Privacy Policy
ChemiLytics GmbH & Co. KG (hereinafter referred to as “we” or “controller”) takes the protection of personal data seriously and observes the relevant data protection regulations, in particular the regulations of the EU General Data Protection Regulation (GDPR). Below we would like to inform you in particular about when we process which data in the context of the use of our website www.chemilytics.com.
I. General
1. Scope of data processing
We only collect and use personal data of our users to the extent necessary to provide a functional website as well as our contents and services. The collection and use of personal data of our users only takes place if the processing of the data is permitted by legal regulations or with the user’s consent.
2. Legal grounds for processing data
Insofar as we obtain the user’s consent for the processing of personal data on our website, Art. 6 para. 1 lit. a GDPR serves as the legal basis for the processing of personal data.
In the processing of personal data required for the performance of a contract to which the user is a party, Art. 6 para. 1 lit. b GDPR serves as the legal basis. This also applies to processing operations that are necessary for the performance of a contractual obligation or pre-contractual measures.
Insofar as the processing of personal data is required to fulfil a legal obligation to which our company is subject, Art. 6 para. 1 lit. c GDPR serves as the legal basis.
If processing is necessary to protect a legitimate interest of our company or a third party and if the interests, fundamental rights and freedoms of the user concerned do not outweigh the interest mentioned first, Art. 6 para. 1 letter f GDPR serves as the legal basis for data processing (so-called weighing of interests).
In addition, there are other legal bases for the processing of personal data, which we specifically list below, if relevant.
3. Storage period
Users’ personal data will be deleted or blocked as soon as the purpose of storage ceases to apply. Furthermore, data may be stored if this has been provided for by European or national legislators in EU regulations, laws or other regulations to which our company is subject. The data will also be blocked or deleted if a storage period prescribed by the aforementioned standards expires, unless there is a need for further storage of the data for the conclusion or fulfilment of a contract.
4. Transfer of personal data
If we pass on personal data, we do this on the one hand to service companies that support us in fulfilling the aforementioned purposes. These companies may use your personal data as so-called processors only for the fulfilment of their tasks on our behalf and are obliged to comply with the relevant data protection regulations. The processors we use are:
- Innovation Gate GmbH, Wallstr. 16, 40878 Ratingen, Germany
On the other hand, we may forward your enquiry to our affiliated companies and cooperation partners in order to fulfil your enquiries using the contact forms (e.g. request for product information, brochures).
Apart from that, however, no personal data is passed on to third parties.
5. Place where data is processed
The processing of the personal data stored by you takes place in countries of the European Economic Area.
II. Processing of personal data
1. Provision of websites and creation of logfiles
a) Description of data processing
Every time you visit our website, our system automatically collects data and information from the computer system of the calling computer.
The following data is collected in this process:
- Information about the browser type and version used
- The user‘s IP address
- Date and time of access
- Accessed website
The data is also stored in the log files of our system. This data is not stored together with other personal data of the user.
b) Legal grounds for processing data
The legal basis for the temporary storage of data and log files is Art. 6 para. 1 lit. f GDPR.
c) Purpose of data processing
The data is stored in log files to ensure that the website functions properly. In addition, the data serves us to optimise our website and to ensure the security of our information technology systems. An evaluation of the data for marketing purposes does not take place in this context. Our legitimate interest in data processing pursuant to Art. 6 para. 1 lit. f GDPR is also based on these purposes.
d) Storage period
The data will be deleted as soon as they are no longer necessary to achieve the purpose for which they were collected. If the data is stored in log files, this is the case after 7 days at the latest. Further storage is possible. In this case, the IP addresses of the users are deleted or alienated, so that an assignment of the calling client is no longer possible.
e) Option to object and delete
The collection of data for the provision of the website and the storage of data in log files is absolutely necessary for the operation of the website. Consequently, there is no possibility of objection on the part of the user.
2. Contact form / email contact
a) Description of data processing
Contact forms are available on our website which can be used for electronic contact. If a user uses this option, the data entered in the input mask (mandatory fields and optional information) will be transmitted to us and stored. These data are in particular:
- Company
- Name
- Material to be analyzed
- Desired method
- Desired analyt/elements
- Contact options (Telephone or E-Mail)
- Further optional information, if applicable
Alternatively, you can contact us via the e-mail address provided by us. In this case, the user’s personal data transmitted by e-mail will be stored.
In this context, the data will not be passed on to third parties. The data is used exclusively for processing the conversation.
b) Legal grounds for processing data
The legal basis for the processing of data is Art. 6 para. 1 lit. f GDPR. If the e-mail contact is aimed at the conclusion of a contract or contract-like obligation, then the additional legal basis for the processing is Art. 6 para. 1 lit. b GDPR.
c) Purpose of data processing
The processing of personal data solely serves to to process the establishment of contact. In the event of contact, this also constitutes the necessary legitimate interest in the processing of the data.
d) Storage period
The data will be deleted as soon as they are no longer necessary to achieve the purpose for which they were collected. For the personal data sent by e-mail, this is the case when the conversation with the user is finished. The conversation is terminated when it can be inferred from the circumstances that the facts in question have been finally clarified.
e) Option to object and delete
If the user contacts us by e-mail, he/she can object to the storage of his/her personal data at any time. The objection can be sent to the contact information at the end of our Data Privacy Statement. In the event of an objection, the conversation with the user cannot be continued and all personal data stored in the course of making contact will be deleted by us.
III. Use of cookies
1. Description of data processing
We use “cookies” to make your visit to our website attractive and to enable the use of certain functions. This is small text information that is stored in the browser or by the browser on the terminal device. If a user calls up a website, a cookie may be stored on the user’s operating system. This cookie contains a characteristic string of characters that allows the browser to be uniquely identified when the website is visited again.
a) Technically necessary cookies
We use cookies to make our website more user-friendly. Some elements of our website require that the calling browser can be identified even after changing the website. The following data is stored and transmitted in the Cookies:
•WGSECURESESSIONID: Ihre aktuelle HTTP-Session-ID
When closing the browser this cookie will be deleted.
b) Note on changing browser setting
Most browsers are set to automatically accept cookies. However, the user can prevent the storage of cookies on his/her computer by means of appropriate browser settings, which, however, can limit the range of functions of our website.
c) Consent tool
Our website uses Borlabs Cookie consent technology to obtain your consent to the storage of certain cookies in your browser or to the use of certain technologies and to document these in compliance with data protection regulations. The provider of this technology is Borlabs GmbH, Rübenkamp 32, 22305 Hamburg, Germany (hereinafter referred to as Borlabs).
When you enter our website, a Borlabs cookie is stored in your browser, in which the consent you have given or the revocation of this consent is stored. This data is not passed on to the provider of Borlabs Cookie.
The data collected will be stored until you ask us to delete it or delete the Borlabs cookie yourself or until the purpose for storing the data no longer applies. Mandatory statutory retention periods remain unaffected. Details on data processing by Borlabs Cookie can be found at https://borlabs.io/kb/what-information-does-borlabs-cookie-store/.
Borlabs cookie consent technology is used to obtain the legally required consent for the use of cookies. The legal basis for this is Art. 6 para. 1 lit. c GDPR.
2. Legal grounds for processing data
The legal basis for the processing of personal data is Art. 6 para. 1 lit. a GDPR. Furthermore, the legal basis for the processing of personal data using cookies is Art. 6 para. 1 lit. f GDPR.
3. Purpose of data processing
The purpose of using technically necessary cookies is to simplify the use of the website for users. Some functions of our website cannot be offered without the use of cookies. For this it is necessary that the browser is recognised also after a change of the Internet page. The aforementioned purposes constitute our legitimate interest in the processing of personal data pursuant to Art. 6 para. 1 lit. f GDPR.
4. Storage period, option to object and delete
Cookies are stored on the user’s computer and transmitted to our website. Therefore, you as a user also have full control over the use of cookies. You can deactivate or restrict the transmission of cookies by changing the settings in your browser. Cookies that have already been saved can be deleted at any time. This can also be done automatically. If cookies are deactivated for our website, it may no longer be possible to use all functions of the website to the full extent.
IV. Rights of data subjects
If your personal data are processed, you are data subject within the meaning of the GDPR and you have the following rights vis-à-vis the controller:
1. Right to information
You can ask the controller to confirm whether personal data concerning you are processed by us.
If such processing has taken place, you can request the following information from the controller:
- The purposes for which the personal data are processed;
- The categories of personal data processed;
- The recipients or categories of recipients to whom the personal data concerning you have been or are still being disclosed;
- The planned duration of the storage of personal data concerning you or, if it is not possible to provide specific information, the criteria for determining the storage period;
- The existence of a right to rectification or deletion of personal data concerning you, a right to restriction of the processing by the controller or a right to object to such processing;
- The existence of a right of appeal to a supervisory authority;
- Any available information on the origin of the data if the personal data are not collected from the data subject;
- The existence of automated decision-making, including profiling in accordance with Article 22(1) and (4) GDPR, and – at least in these cases – meaningful information on the logic involved and the scope and intended effects of such processing for the data subject.
You have the right to request information as to whether the personal data concerning you is transferred to a third country or to an international organisation. In this context, you may request to be informed of the appropriate guarantees in accordance with Art. 46 GDPR in connection with the transmission.
2. Right to rectification
You have a right of rectification and/or completion vis-à-vis the controller if the personal data processed concerning you are incorrect or incomplete. The controller shall make the correction without delay.
3. Right to restriction of processing
You can request the restriction of the processing of personal data concerning you where one of the following applies:
- If you contest the accuracy of the personal data concerning you for a period enabling the controller to verify the accuracy of the personal data;
- If the processing is unlawful and you oppose the erasure of the personal data and requests the restriction of their use instead;
- If the controller no longer needs the personal data for the purposes of the processing, but you need them for the establishment, exercise or defence of legal claims, or
- if you have objected to processing pursuant to Art. 21 para. 1 GDPR and it has not yet been determined whether the legitimate grounds of the controller override your grounds.
If the processing of personal data concerning you has been restricted, such data may only be processed – apart from being stored – with your consent or for the purpose of asserting, exercising or defending rights or protecting the rights of another natural or legal person or on grounds of an important public interest of the Union or a Member State.
If the restriction on processing has been restricted in accordance with the above conditions, you will be informed by the controller before the restriction is cancelled.
4. Right to deletion
a) Obligation to delete
You have the right to obtain from the controller the erasure of personal data concerning you without undue delay and the controller shall have the obligation to erase personal data without undue delay where one of the following grounds applies:
- Your personal data concerning you are no longer necessary for the purposes for which they were collected or otherwise processed.
- You withdraw your consent on which the processing was based pursuant to Art. 6 para. 1 lit. a or Art. 9 para. 2 lit. a GDPR, and there is no other legal basis for the processing.
- You object to the processing pursuant to Art. 21 para. 1 GDPR and there are no overriding legitimate grounds for the processing, or you object to the processing pursuant to Art. 21 para. 2 GDPR.
- Personal data concerning you have been unlawfully processed.
- The erasure of personal data concerning you is necessary to fulfil a legal obligation under Union law or the law of the Member States to which the data controller is subject.
- Personal data concerning you have been collected in relation to information society services offered pursuant to Art. 8 para. 1 GDPR.
b) Information to third parties
If the controller has made public personal data concerning you and is obliged to erase it pursuant to Art. 17 para. 1 GDPR, the controller shall take appropriate measures, including technical measures, taking into account the available technology and the implementation costs, to inform data processors who process the personal data that you as the data subject have requested the deletion of all links to this personal data or of copies or replications of this personal data.
c) Exceptions to the obligation to delete
The right to erasure does not exist to the extent that processing is necessary:
- for exercising the right of freedom of expression and information;
- for compliance with a legal obligation which requires processing by Union or Member State law to which the controller is subject or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;
- for reasons if public interest in the area of public health in accordance with Art. 9 para. 2 lit. h and i as well as Art. 9 para. 3 GDPR;
- for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes in accordance with Art. 89 para. 1 DSGVO, in so far as the right referred to in paragraph 1 is likely to render impossible or seriously impair the achievement of the objectives of that processing, or
- for the establishment, exercise or defence of legal claims.
5. Right to information
If you have exercised your right to have the controller correct, delete or limit the processing, the controller is obliged to inform all recipients to whom personal data concerning you have been disclosed of this correction or erasure of the data or restriction on processing, unless this proves impossible or involves disproportionate effort.
You have the right to request from the controller to be informed about these recipients.
6. Right to data portability
You have the right to receive personal data concerning you that you have provided to the controller in a structured, commonly used and machine-readable format. In addition, you have the right to transmit this data on to another controller without hindrance by the controller to which the personal data was provided, where
- the processing is based on consent pursuant to Art. 6 para. 1 lit. a GDPR or Art. 9 para. 2 lit. a GDPR or on a contract pursuant to Art. 6 para. 1 lit. b GDPR; and
- the processing is carried out by automated means.
In exercising this right, you also have the right to request that personal data concerning you be transferred directly from one controller to another controller, where technically feasible. The freedoms and rights of other persons must not be affected by this.
The right to data portability shall not apply to the processing of personal data necessary for the performance of a task in the public interest or in the exercise of official authority conferred on the controller.
7. Right to object
You have the right to object at any time, for reasons arising from your particular situation, to the processing of personal data concerning you, which is based on Art. 6 para. 1 lit. e or f GDPR; this also applies to profiling based on those provisions.
The controller shall no longer process the personal data unless the controller demonstrates compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject or for the establishment, exercise or defence of legal claims.
Where personal data concerning you are processed for direct marketing purposes, you have the right to object at any time to the processing of personal data concerning you for the purpose of such advertising, which includes profiling to the extent that it is related to such direct marketing.
If you object to the processing for direct marketing purposes, the personal data concerning you shall no longer be processed for these purposes.
You have the possibility to exercise your right of objection in connection with the use of Information Society services, notwithstanding Directive 2002/58/EC, by means of automated procedures using technical specifications.
8. Right to revoke consent to data processing
You have the right to revoke your declaration of consent under data protection law at any time. The revocation of consent does not affect the legality of the processing carried out on the basis of the consent until revocation.
9. Automatic decision-making in individual cases, including profiling
You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you. This shall not apply if the decision:
- is necessary for the conclusion or performance of a contract between you and the controller,
- the legislation of the Union or of the Member States to which the controller is subject is admissible and that legislation contains appropriate measures to safeguard your rights, freedoms and legitimate interests; or
- is with your express consent.
However, these decisions may not be based on special categories of personal data pursuant to Art. 9 para. 1 GDPR, unless Art. 9 para. 2 lit. a or g applies and appropriate measures have been taken to protect your rights and freedoms and your legitimate interests.
In the cases referred to in points (1) and (3) above, the controller shall take appropriate measures to safeguard your rights, freedoms and legitimate interests, which includes at least the right to obtain the intervention of a person by the controller, to state the own position and to challenge the decision.
10. Right to complain to a regulatory authority
Without prejudice to any other administrative or judicial remedy, you have the right of appeal to a supervisory authority, in particular in the Member State where you are staying, working or the place of suspected breach, if you believe that the processing of personal data concerning you is contrary to the GDPR.
The supervisory authority to which the complaint has been lodged shall inform the complainant of the status and results of the complaint, including the possibility of judicial remedy under Art. 78 GDPT.
You will find the contact details of the supervisory authority responsible for our company at the end of the Data Privacy Statement.
11. Other
To assert the above rights, please contact us (see contact information at the end of the Data Privacy Statement). Enquiries submitted to us electronically will generally be answered electronically, unless you have specified otherwise in your enquiry.
V. External links
Our website may contain links to third party sites. As far as this is not obviously recognisable, we point out to you that it concerns an external link. We have no influence on the content and design of the pages of external providers. This Data Privacy Statement does not apply there in this respect.
VI. Amendment of this Privacy Policy
The constant development of the Internet and the frequently associated changes to the applicable legal norms make it necessary from time to time to adapt our Data Privacy Statement. We will inform you at this point about corresponding alterations.
VII. Responsible body
Controller within the meaning of the GDPR and other national data protection laws of the EU member states as well as other data protection regulations is:
ChemiLytics GmbH&Co.KG
Im Schleeke 78 – 91
38642 Goslar
Phone: +49/5321/751-51616
Email: services@ChemiLytics.com
The complete Legal Notice can be found here:
VIII. Contact details of the Data Protection Officer
The contact details of the controller’s data protection officer are:
IX. Contact details of the supervisory authority
The contact details of the supervisory authority responsible for our company are:
Landesbeauftragte für den Datenschutz Niedersachsen, Prinzenstraße 5, 30159 Hannover, Website: www.lfd.niedersachsen.de, Email: poststelle@lfd.niedersachsen.de
Issued: 03.11.2023